Headline
CVE-2022-48545: Infinite loop in Catalog::findDestInTree - forum.xpdfreader.com
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02.
Infinite loop in Catalog::findDestInTree
Post Reply
- Print view
Advanced search
3 posts • Page 1 of 1
shellway
Posts: 16
Joined: Mon Jun 29, 2020 8:52 pm
Infinite loop in Catalog::findDestInTree
- Quote
Post by shellway » Sun Jan 03, 2021 4:43 am
I find an infinite loop in Catalog::findDestInTree. To reproduce it, open poc with xpdf and click the hyperlink in it.
Attachments
poc.txt
(21.8 KiB) Downloaded 207 times
Top
shellway
Posts: 16
Joined: Mon Jun 29, 2020 8:52 pm
Re: Infinite loop in Catalog::findDestInTree
- Quote
Post by shellway » Sun Jan 03, 2021 5:01 am
Sorry. It’s not an infinite loop but infinite recursion which crashes xpdf.
Top
derekn
Posts: 936
Joined: Wed Apr 05, 2017 6:57 pm
Re: Infinite loop in Catalog::findDestInTree
- Quote
Post by derekn » Mon Jan 04, 2021 9:01 pm
This is a known issue – loops in the PDF object structure can cause problems for Xpdf.
Xpdf 4 catches some of these cases, but not all of them. I’m working on a more robust loop detector for Xpdf 5.
Top
Post Reply
- Print view
Display: Sort by: Direction:
3 posts • Page 1 of 1
Return to “Xpdf open source”
Jump to
- XpdfReader
- Xpdf open source